Humans are a weak link in cyber security, and hackers and social manipulators know this. They try to trick people into getting past security walls. They design their actions to appear harmless and legitimate.

In March 2011, hackers sent two spear phishing emails to a small group of employees at security firm, RSA. They only needed one employee to open an infected file and launch the malware. The malware downloaded information from RSA that then helped the hackers learn how to defeat RSA’s security token. In May and June 2011, a number of defense contractors’ networks were breached via the compromised RSA token.

Before the 2010 World Cup, cybercriminals offered tickets for sale or sent phishing emails claiming you won tickets to see the event.

After the death of Osama Bin Laden, a video claiming to show Bin Laden’s capture was posted on Facebook. The video was a fake. When users clicked on the link to the video, they were told to copy a JavaScript code into their browser bar which automatically sent the hoax to their friends, and gave the hackers full access to their account.